Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

module-signature vulnerabilities and exploits

(subscribe to this query)
10
CVSSv2
CVE-2015-3408
Module::Signature prior to 0.74 allows remote malicious users to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.
Module-signature Project Module-signatureCanonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04
7.2
CVSSv2
CVE-2015-3409
Untrusted search path vulnerability in Module::Signature prior to 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.
Module-signature Project Module-signatureCanonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04
6.4
CVSSv2
CVE-2015-3406
The PGP signature parsing in Module::Signature prior to 0.74 allows remote malicious users to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.
Module-signature Project Module-signatureCanonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04
5
CVSSv2
CVE-2015-3407
Module::Signature prior to 0.74 allows remote malicious users to bypass signature verification for files via a signature file that does not list the files.
Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 15.04Module-signature Project Module-signature
4.4
CVSSv2
CVE-2013-2145
The cpansign verify functionality in the Module::Signature module prior to 0.72 for Perl allows malicious users to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.
Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 13.04Canonical Ubuntu Linux 12.04Opensuse Opensuse 11.4Opensuse Opensuse 12.2Opensuse Opensuse 12.3Perlmonks Module\\ \\
4.3
CVSSv2
CVE-2017-18689
An issue exists on Samsung mobile devices with M(6.0) and N(7.0) (Exynos5433, Exynos7420, or Exynos7870 chipsets) software. An attacker can bypass a ko (aka Kernel Module) signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 (January 2017).
Google Android 6.0Google Android 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook